clarify password hashing

Code hashes (a best practice) passwords rather than encrypting them.

FossilOrigin-Name: 274a3d24e13dc8b578f57cb326c80dba0e98c9ad45163d2d4ccf05183685194d
clach04@gmail.com 2023-04-02 15:53:08 +00:00
parent a8caf078eb
commit 2cba34c499


@ -71,9 +71,9 @@ password = verySecret
write = true write = true
``` ```
Note that PicoDAV will replace this password with an encrypted version the next time it is accessed, don't worry about that, this is for extra safety, just in case the `.picodav.ini` is accessed by a hacker if you made mistake in your web server configuration. Note that PicoDAV will replace this password with a hashed version the next time it is accessed, don't worry about that, this is for extra safety, just in case the `.picodav.ini` is accessed by a hacker if you made mistake in your web server configuration.
Here is an example of the password once it has been encrypted: Here is an example of the password once it has been hashed:
``` ```
password = '$2y$10$fbdabTjNPN3gMAUlaSEoR.kKHLnh0yMGneuJ7P2AOhSSNr8gUaCPu' password = '$2y$10$fbdabTjNPN3gMAUlaSEoR.kKHLnh0yMGneuJ7P2AOhSSNr8gUaCPu'
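Review bot: the reworded "Note that PicoDAV will replace this password with a hashed version" line still carries "if you made mistake" (missing "a") and runs several clauses together with commas. Since the line is being rewritten anyway, split it into two sentences and fix the article. It would also help to say what kind of hash the reader should expect: the example's `$2y$10$` prefix is a bcrypt hash at cost 10, and the stored value is wrapped in single quotes while the plaintext `verySecret` is not, so naming both makes the rewritten `.picodav.ini` line recognisable and makes clear the original password cannot be read back from the file.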